# Detecting in-Silicon Hardware Trojans with Side

Channel Analysis

Franco Mezzarana Joshua Joseph Dr. Mike Bord

Franco Mezzarapa, Joshua Joseph, Dr. Mike Borowczak, Phd DRACO LAB | University of Central Florida
Dept. Of Electrical and Computer Engineering



This work presents a manufactured device that contains two sets of isolated hardware: one containing an encryption scheme and the other containing identical encryption logic alongside several hardware trojans. The objective is to expand upon prior research in hardware trojan detection by applying side-channel power analysis on a physical device during encryption operations. Utilizing similar Automated Machine Learning techniques, this work aims to validate prior simulation results in a hardware medium and detect the presence of key corruption alongside information leakage through power capture anomalies.

## Motivation/Problem

Offshore manufacturing and information-sensitive applications of integrated circuits (ICs) have resulted in a growing need for validation techniques to ensure hardware security. A Hardware Trojan (HT) is one of these threats as it is malicious logic that modifies the intended behavior of the circuit.

While verification of manufactured devices is thorough, additional safeguards are imperative to confidently identify units affected by errors in verification or sophisticated supply chain attacks.

Side Channel Analysis (SCA) is a promising avenue that can be used to monitor signals by leveraging physical exposure to the device, allowing for the capture of power and information by probing exposed inputs/output pins. Previous work using SCA, specifically Differential Power Analysis, was successful in the collection of power traces to train machine learning models to distinguish between a firmware-implemented trojan in comparison to non-trojan activity on the Chip Whisperer's STM32- F030 MCU.

# Hypothesis

Prior works indicate that side-channel differential power analysis is effective at detecting simulated hardware trojans on an embedded system microprocessor. When moving this design onto an ASIC, we hypothesize that the same principles continue to apply, allowing us to leverage the difference in power consumption between a non-compromised chip and a compromised chip.





#### Current Work & Results







#### Future Work/Discussion

Derivations of this work can be applied in offensive and defensive security fields. Offensively, future work consists of improving upon the hardware trojans used in this experiment to determine if the side channel detection techniques used are still viable for more sophisticated attacks that reduce their footprint and evade verification. Defensively, the development of a system on chip utilizing edge artificial intelligence can be implemented to capture and monitor abnormalities in consumption to determine the presence of a hardware trojan.

#### Contact

Franco Mezzarapa
franco.mezzarapa@ucf.edu

Joshua Joseph
joshua.joseph@ucf.edu



## Acknowledgements

This work is funded by the DRACO Lab at the University of Central Florida. A special thank you to both Alicia Thoney and Calvin VanWormer for the verification of the encryption module. For more information, please contact:

DRACO LAB | www.ece.ucf.edu/DRACO

Dr. Mike Borowczak, Lab Director

mike.borowczak@ucf.edu

Dept. Of Electrical & Computer Engineering

College of Engineering and Computer Science